From: Peter Shipley <shipley@tfs.COM>
Date: Fri, 11 Jun 93 09:51:47 PDT
To: Eric Hughes <hughes@soda.berkeley.edu>
Subject: Re: MAIL: logging that happens on soda
In-Reply-To: <9306111523.AA11809@soda.berkeley.edu>
Message-ID: <9306111651.AA14556@edev0.TFS>
MIME-Version: 1.0
Content-Type: text/plain


>I was rooting around soda for some other reason and stumbled upon the
>mail logs (!) for soda.  I just sent myself some mail to generate a
>sample entry.  It's got complete traffic analysis data, complete with
>to/from pairs, time of day, and message size.

Eric, most of us know this stuff you are making yourself look very
unix  illiterate.  I know one person at berkeley who wrote a sh script
5 years ago that would track remote mail aliases by analising who (on
campus) who recived with close time stamps.  with this info he was able
to reverse engineer the containce of a lesbian emailing list.


I have a scipt I use the just reads the syslog file and prints out a list of
who is emailing who and what their total volume of mail is.

>If you need a
>place to start looking, the mail log on soda was in the same directory
>as the syslog messages.

or of you look at the file /etc/syslog.conf is tell you where  log the data.